CN115242545A - Safety management method and system for Internet of things equipment data - Google Patents

Safety management method and system for Internet of things equipment data Download PDF

Info

Publication number
CN115242545A
CN115242545A CN202210940575.6A CN202210940575A CN115242545A CN 115242545 A CN115242545 A CN 115242545A CN 202210940575 A CN202210940575 A CN 202210940575A CN 115242545 A CN115242545 A CN 115242545A
Authority
CN
China
Prior art keywords
data
request
identification
encryption
internet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210940575.6A
Other languages
Chinese (zh)
Other versions
CN115242545B (en
Inventor
郝武伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanxi Vocational University Of Engineering And Technology
Original Assignee
Shanxi Vocational University Of Engineering And Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanxi Vocational University Of Engineering And Technology filed Critical Shanxi Vocational University Of Engineering And Technology
Priority to CN202210940575.6A priority Critical patent/CN115242545B/en
Publication of CN115242545A publication Critical patent/CN115242545A/en
Application granted granted Critical
Publication of CN115242545B publication Critical patent/CN115242545B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to the field of information data safety, and discloses a safety management method and a system for Internet of things equipment data, which can protect the information data safety of intelligent household equipment, can effectively avoid link control and data stealing behaviors of unauthorized equipment on an intelligent household, and can effectively avoid the data safety problem when a single piece of equipment is invaded and cracked by a mutual assistance encryption authentication mode among multiple pieces of Internet of things equipment in the application compared with a simple identity verification method adopted by the existing intelligent household Internet of things equipment, so that the safety of the whole intelligent household Internet of things equipment group is improved.

Description

Safety management method and system for Internet of things equipment data
Technical Field
The invention relates to the field of information data security, in particular to a method and a system for security management of Internet of things equipment data.
Background
Along with the rapid development of computer technology, thing networking smart home is used widely in more and more young families gradually, and higher intellectuality and automation can bring great facility for the life, can promote the happiness of daily family life in a certain extent.
Meanwhile, due to the networking function and the intellectualization of the intelligent household equipment, more hidden dangers are generated on the safety of the household information equipment, the number of household network interfaces is increased, the invasion of unauthorized personnel on the household network is more conveniently cracked, more interfaces mean more breakthrough, and the safety of the household information and the network is seriously influenced.
Disclosure of Invention
The invention aims to provide a method and a system for safely managing equipment data of the Internet of things, so as to solve the problems in the background technology.
In order to achieve the purpose, the invention provides the following technical scheme:
a safety management system for equipment data of the Internet of things comprises:
the data response module is used for acquiring request verification data, randomly encrypting the request verification data for multiple times through a preset multiple encryption program, generating multi-dimensional encryption data and forwarding the multi-dimensional encryption data, wherein the multiple encryption program comprises multiple groups of encryption schemes, the encryption schemes correspond to different Internet of things terminals, and encryption scheme identification bits are arranged in the multi-dimensional encryption data;
the data mutual authentication module is used for receiving the multidimensional encrypted data, judging the highest position of the identification bits of the encryption scheme based on a self-preset identification code, decrypting and forwarding the multidimensional encrypted data according to the preset encryption scheme if the highest position of the identification bits of the encryption scheme is consistent with the highest position of the identification bits of the encryption scheme and the total number of the identification bits of the encryption scheme is more than one, and guiding to execute an information identification program if the total number of the identification bits of the encryption scheme is one;
an information recognition module for executing the information recognition program, comprising the steps of: identifying the multi-dimensional encrypted data based on a preset data identification library, carrying out safety judgment on the multi-dimensional encrypted data, generating and forwarding a request verification judgment result, wherein the request verification result is provided with a receiving identification bit, and the data identification library is a basic character database compiled through the encryption scheme;
and the request response module is used for judging the identification bit through the identification code preset by the request response module so as to receive the request verification judgment result, responding to the request verification judgment result, and acquiring and responding to a device control request and a data read-write request corresponding to the request verification data.
As a further scheme of the invention: further comprising a collaborative authentication module, the collaborative authentication module comprising:
the identity authentication unit is used for acquiring an object access request, acquiring object identity information in the object access request, and establishing request authentication data according to the object identity information, wherein the request authentication data is used for performing request authentication on the object identity information, and the object identity information comprises biological characteristic identification information;
and the equipment authentication unit is used for acquiring an access request of the terminal of the Internet of things, acquiring and verifying the terminal identity information in the access request of the terminal, requesting to acquire the biological characteristic identification information of the operation object if the verification is passed, and establishing request verification data based on the biological characteristic identification information so as to authenticate the identity of the operator.
As a further scheme of the invention: the request response module comprises an information identification unit;
the information identification unit is used for acquiring the equipment control request and the data reading and writing request, identifying and responding the equipment control request and the data reading and writing request through a preset instruction response library, stopping responding the equipment control request and the data reading and writing request and requesting to acquire biological characteristic identification information of an operation object if the equipment control request and the data reading and writing request exceed the preset instruction response library, and establishing request verification data based on the biological characteristic identification information to authenticate the identity of an operator.
As a further scheme of the invention: the system also comprises a state synchronization module;
the state synchronization module is used for judging the connection states of the plurality of terminals of the Internet of things and marking a plurality of groups of encryption schemes based on the connection states, wherein the marks are used for enabling the encryption schemes corresponding to the terminals of the Internet of things with the connection states of being off-line to be invalid.
As a further scheme of the invention: the data mutual-authentication module and the data identification module are both provided with response marking units, the response marking units are used for carrying out response marking on the request verification judgment result according to the identification codes, when the request verification judgment result is responded, the response marking is judged according to the encryption scheme identification bit, and if the request verification judgment result is met, the response marking units respond to the request verification judgment result.
The embodiment of the invention aims to provide a safety management method for equipment data of the Internet of things, which comprises the following steps:
acquiring request verification data, randomly encrypting the request verification data for multiple times through a preset multiple encryption program to generate multi-dimensional encryption data and forwarding the multi-dimensional encryption data, wherein the multiple encryption program comprises multiple groups of encryption schemes, the encryption schemes correspond to different terminals of the Internet of things, and encryption scheme identification bits are arranged in the multi-dimensional encryption data;
receiving multidimensional encrypted data, judging the highest position of an encryption scheme identification bit based on a self-preset identification code, if the highest position is consistent with the highest position and the total number of the encryption scheme identification bit is more than one, decrypting and forwarding the multidimensional encrypted data according to a preset encryption scheme, and if the total number of the encryption scheme identification bit is one, guiding to execute an information identification program;
the information recognition program includes the steps of: identifying the multi-dimensional encrypted data based on a preset data identification library, carrying out safety judgment on the multi-dimensional encrypted data, generating and forwarding a request verification judgment result, wherein the request verification result is provided with a receiving identification bit, and the data identification library is a basic character database compiled through the encryption scheme;
and judging the identification bit through the identification code preset by the identification code to receive the request verification judgment result, responding to the request verification judgment result, and acquiring and responding to the equipment control request and the data read-write request corresponding to the request verification data.
As a further scheme of the invention: further comprising the steps of:
acquiring an object access request, acquiring object identity information in the object access request, and establishing request verification data according to the object identity information, wherein the request verification data is used for performing request authentication on the object identity information, and the object identity information comprises biological characteristic identification information;
the method comprises the steps of obtaining an access request of an Internet of things terminal, obtaining and verifying terminal identity information in the access request of the terminal, obtaining biological characteristic identification information of an operation object if the terminal passes the verification, and establishing request verification data based on the biological characteristic identification information to authenticate the identity of an operator.
As a still further scheme of the invention: the step of obtaining and responding to the device control request and the data read-write request corresponding to the request authentication data specifically includes:
and acquiring the equipment control request and the data reading and writing request, identifying and responding the equipment control request and the data reading and writing request through a preset instruction response library, stopping responding the equipment control request and the data reading and writing request and requesting to acquire biological characteristic identification information of an operation object if the equipment control request and the data reading and writing request exceed the preset instruction response library, and establishing request verification data based on the biological characteristic identification information to authenticate the identity of an operator.
Compared with the prior art, the invention has the beneficial effects that: the method has the advantages that the information data safety of the intelligent household equipment can be protected, the link control and the data stealing behavior of the intelligent household by unauthorized equipment can be effectively avoided, compared with a simple identity verification method adopted by the existing intelligent household Internet of things equipment, the data safety problem when single equipment is broken by invasion can be effectively avoided through a mutual assistance encryption authentication mode among multiple Internet of things equipment, and the safety of the whole intelligent household Internet of things equipment group is improved.
Drawings
Fig. 1 is a block diagram of a security management system for data of an internet of things device.
Fig. 2 is a block diagram of a cooperative authentication module in a security management system for device data of the internet of things.
Fig. 3 is a flow chart of a method for securely managing data of an internet of things device.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The following detailed description of specific embodiments of the present invention is provided in connection with specific embodiments.
As shown in fig. 1, a system for securely managing data of an internet of things device according to an embodiment of the present invention includes:
the data response module 100 is configured to obtain request verification data, randomly encrypt the request verification data multiple times through a preset multiple encryption program, generate and forward multidimensional encryption data, where the multiple encryption program includes multiple sets of encryption schemes, the encryption schemes correspond to different internet of things terminals, and encryption scheme identification bits are set in the multidimensional encryption data.
And the data mutual authentication module 300 is configured to receive the multidimensional encrypted data, determine the highest bit of the encryption scheme identification bit based on a self-preset identification code, decrypt and forward the multidimensional encrypted data according to a preset encryption scheme if the highest bit of the encryption scheme identification bit matches the preset identification code and the total number of the encryption scheme identification bit is greater than one, and guide to execute an information identification program if the total number of the encryption scheme identification bit is one.
An information recognition module 500, configured to execute the information recognition program, includes the steps of: and identifying the multi-dimensional encrypted data based on a preset data identification library, carrying out safety judgment on the multi-dimensional encrypted data, generating and forwarding a request verification judgment result, wherein the request verification result is provided with a receiving identification bit, and the data identification library is a basic character database compiled by the encryption scheme.
The request response module 700 is configured to determine the identification bit by using the identification code preset by itself to receive the request verification determination result, respond to the request verification determination result, and obtain and respond to the device control request and the data read-write request corresponding to the request verification data.
In the embodiment, the safety management system for the equipment data of the internet of things is suitable for an internet of things system of an intelligent home, can protect the information data safety of the intelligent home equipment, can effectively avoid link control and data stealing behaviors of unauthorized equipment on the intelligent home, and can effectively avoid the data safety problem when a single piece of equipment is invaded and cracked by a mutual assistance encryption authentication mode among multiple pieces of internet of things equipment compared with a simple identity verification method adopted by the existing intelligent home internet of things equipment, so that the safety of the whole intelligent home internet of things equipment group is improved; specifically, when a user or an unauthorized person connects to any one of the smart home devices through the wireless network, the generated data verification request or data verification data content trying to be connected to the smart home devices is randomly encrypted for many times by the data response module 100, each random encryption corresponds to one group of encryption schemes and corresponds to other different smart home devices (i.e., internet of things devices) respectively, the encrypted data is then forwarded, the data mutual authentication module 300 of other smart homes removes the outermost encryption of the encrypted data when the encryption schemes are consistent with the data mutual authentication module, when the number of encryption layers is one, the encrypted content is identified by the data identification library of the user, so that the identity or security judgment of the request is performed (the data identification library is determined and unique for each smart home), and after the verification is passed, the verification result is returned to the smart home receiving the request to respond to the corresponding request content through the request response module 700, and meanwhile, in such a multi-device cooperative authentication manner, when a certain device is invaded, a dangerous signal is transmitted through other devices, so as to notify the user.
As shown in fig. 2, as another preferred embodiment of the present invention, the present invention further includes a cooperative authentication module, where the cooperative authentication module 900 includes:
an identity authentication unit 901, configured to obtain an object access request, obtain object identity information in the object access request, and establish request verification data according to the object identity information, where the request verification data is used to perform request authentication on the object identity information, and the object identity information includes biometric identification information.
The device authentication unit 902 is configured to obtain an access request of the internet of things terminal, obtain and verify terminal identity information in the access request of the terminal, request to obtain biometric information of an operation object if the terminal identity information passes verification, and establish request verification data based on the biometric information to authenticate an identity of an operator.
In this embodiment, a cooperative authentication module 900 and related function division descriptions are added, where the identity authentication unit 901 is a unit that performs identity authentication on other devices connected to the smart home devices, and performs mutual encryption authentication among multiple devices by accessing an object access request to the data response module 100 to determine the identity of an object, so that identity data packets during the process of verifying the identity of the object are all in an encrypted state, and at this time, even if an intruder acquires an identity data packet (a data segment containing object identity information) through actions such as packet capturing and the like, the identity data packet cannot be used for identity authentication during intrusion because the identity data packet is in an encrypted state, and the device authentication unit 902 functions in a certain disconnected device among multiple smart home internet of things devices, and then the device can be added to a network group again through the actual authentication operation of an owner, thereby further reducing the probability of intrusion through repeated disconnection of the device to perform connection request packet capturing.
As another preferred embodiment of the present invention, the request response module 700 includes an information identification unit;
the information identification unit is used for acquiring the equipment control request and the data reading and writing request, identifying and responding the equipment control request and the data reading and writing request through a preset instruction response library, stopping responding the equipment control request and the data reading and writing request and requesting to acquire biological characteristic identification information of an operation object if the equipment control request and the data reading and writing request exceed the preset instruction response library, and establishing request verification data based on the biological characteristic identification information to authenticate the identity of an operator.
In this embodiment, the information identification unit is used to identify the command received by the internet of things device, and the command response library is a safe executable command established by the user, so that when a higher-level command out of the range of the command library is received, authentication is required to confirm the identity.
As another preferred embodiment of the present invention, the present invention further comprises a state synchronization module;
the state synchronization module is used for judging the connection states of the plurality of terminals of the Internet of things and marking a plurality of groups of encryption schemes based on the connection states, wherein the marks are used for marking the encryption schemes corresponding to the terminals of the Internet of things with the off-line connection states to be invalid.
Further, both the data mutual authentication module 300 and the data identification module 500 are provided with a response marking unit, where the response marking unit is configured to perform response marking on the request verification determination result according to the identification code, when the request verification determination result is responded, determine the response marking according to the encryption scheme identification bit, and if the request verification determination result is met, respond to the request verification determination result.
In this embodiment, the state synchronization module is used to avoid the problem that when a certain smart home is offline, other devices still encrypt based on the encryption scheme of the device, so that verification cannot pass; the response marking unit marks the decryption and identification processes of the multi-dimensional encrypted data so as to facilitate verification and identify the condition that the data is hijacked by other equipment but not normally decrypted.
As shown in fig. 3, the present invention further provides a method for securely managing data of an internet of things device, including:
s200, request verification data are obtained, multiple random encryption is carried out on the request verification data through a preset multiple encryption program, multi-dimensional encryption data are generated and forwarded, the multiple encryption program comprises multiple groups of encryption schemes, the encryption schemes correspond to different Internet of things terminals, and encryption scheme identification bits are arranged in the multi-dimensional encryption data.
S400, receiving the multi-dimensional encrypted data, judging the highest position of the encryption scheme identification bit based on a self-preset identification code, if the multi-dimensional encrypted data is consistent with the encryption scheme identification bit, and the total number of the encryption scheme identification bit is more than one, decrypting and forwarding the multi-dimensional encrypted data according to a preset encryption scheme, and if the total number of the encryption scheme identification bit is one, guiding to execute an information identification program.
S600, the information identification program comprises the following steps: and identifying the multi-dimensional encrypted data based on a preset data identification library, carrying out safety judgment on the multi-dimensional encrypted data, generating and forwarding a request verification judgment result, wherein the request verification result is provided with a receiving identification bit, and the data identification library is a basic character database compiled by the encryption scheme.
And S800, judging the identification bit through the identification code preset by the identification code to receive the request verification judgment result, responding to the request verification judgment result, and acquiring and responding to the device control request and the data read-write request corresponding to the request verification data.
As another preferred embodiment of the present invention, further comprising the steps of:
the method comprises the steps of obtaining an object access request, obtaining object identity information in the object access request, and establishing request verification data according to the object identity information, wherein the request verification data is used for performing request authentication on the object identity information, and the object identity information comprises biological characteristic identification information.
The method comprises the steps of obtaining an access request of an Internet of things terminal, obtaining and verifying terminal identity information in the access request of the terminal, obtaining biological characteristic identification information of an operation object if the terminal passes the verification, and establishing request verification data based on the biological characteristic identification information to authenticate the identity of an operator.
As another preferred embodiment of the present invention, the step of obtaining and responding to the device control request and the data read/write request corresponding to the request verification data specifically includes:
and acquiring the equipment control request and the data reading and writing request, identifying and responding the equipment control request and the data reading and writing request through a preset instruction response library, stopping responding the equipment control request and the data reading and writing request and requesting to acquire biological characteristic identification information of an operation object if the equipment control request and the data reading and writing request exceed the preset instruction response library, and establishing request verification data based on the biological characteristic identification information to authenticate the identity of an operator.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a non-volatile computer-readable storage medium, and can include the processes of the embodiments of the methods described above when the program is executed. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), rambus (Rambus) direct RAM (RDRAM), direct Rambus Dynamic RAM (DRDRAM), and Rambus Dynamic RAM (RDRAM), among others.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims (8)

1. A safety management system for equipment data of the Internet of things is characterized by comprising:
the data response module is used for acquiring request verification data, randomly encrypting the request verification data for multiple times through a preset multiple encryption program, generating multi-dimensional encryption data and forwarding the multi-dimensional encryption data, wherein the multiple encryption program comprises multiple groups of encryption schemes, the encryption schemes correspond to different Internet of things terminals, and encryption scheme identification bits are arranged in the multi-dimensional encryption data;
the data mutual authentication module is used for receiving the multidimensional encrypted data, judging the highest position of the identification bits of the encryption scheme based on a self-preset identification code, decrypting and forwarding the multidimensional encrypted data according to the preset encryption scheme if the highest position of the identification bits of the encryption scheme is consistent with the highest position of the identification bits of the encryption scheme and the total number of the identification bits of the encryption scheme is more than one, and guiding to execute an information identification program if the total number of the identification bits of the encryption scheme is one;
an information recognition module for executing the information recognition program, comprising the steps of: identifying the multi-dimensional encrypted data based on a preset data identification library, carrying out safety judgment on the multi-dimensional encrypted data, generating and forwarding a request verification judgment result, wherein the request verification result is provided with a receiving identification bit, and the data identification library is a basic character database compiled through the encryption scheme;
and the request response module is used for judging the identification bit through the identification code preset by the request response module so as to receive the request verification judgment result, responding to the request verification judgment result, and acquiring and responding to the equipment control request and the data read-write request corresponding to the request verification data.
2. The system for security management of device data of the internet of things according to claim 1, further comprising a collaborative authentication module, wherein the collaborative authentication module comprises:
the identity authentication unit is used for acquiring an object access request, acquiring object identity information in the object access request, and establishing request authentication data according to the object identity information, wherein the request authentication data is used for performing request authentication on the object identity information, and the object identity information comprises biological characteristic identification information;
and the equipment authentication unit is used for acquiring an access request of the terminal of the Internet of things, acquiring and verifying the terminal identity information in the access request of the terminal, requesting to acquire the biological characteristic identification information of the operation object if the verification is passed, and establishing request verification data based on the biological characteristic identification information so as to authenticate the identity of the operator.
3. The system for the security management of the device data of the internet of things according to claim 2, wherein the request response module comprises an information identification unit;
the information identification unit is used for acquiring the equipment control request and the data reading and writing request, identifying and responding the equipment control request and the data reading and writing request through a preset instruction response library, stopping responding the equipment control request and the data reading and writing request and requesting to acquire biological characteristic identification information of an operation object if the equipment control request and the data reading and writing request exceed the preset instruction response library, and establishing request verification data based on the biological characteristic identification information to authenticate the identity of an operator.
4. The system for the security management of the data of the internet of things equipment according to claim 1, further comprising a state synchronization module;
the state synchronization module is used for judging the connection states of the plurality of terminals of the Internet of things and marking a plurality of groups of encryption schemes based on the connection states, wherein the marks are used for marking the encryption schemes corresponding to the terminals of the Internet of things with the off-line connection states to be invalid.
5. The system for security management of internet of things device data according to claim 4, wherein the data mutual authentication module and the data identification module are each provided with a response marking unit, the response marking unit is configured to perform response marking on the request verification determination result according to the identification code, when the request verification determination result is responded, the response marking is determined according to the encryption scheme identification bit, and if the request verification determination result is met, the request verification determination result is responded.
6. A safety management method for Internet of things equipment data is characterized by comprising the following steps:
acquiring request verification data, randomly encrypting the request verification data for multiple times through a preset multiple encryption program to generate multi-dimensional encryption data and forwarding the multi-dimensional encryption data, wherein the multiple encryption program comprises multiple groups of encryption schemes, the encryption schemes correspond to different terminals of the Internet of things, and encryption scheme identification bits are arranged in the multi-dimensional encryption data;
receiving multi-dimensional encrypted data, judging the highest bit of the encryption scheme identification bit based on a self-preset identification code, if the highest bit is consistent with the highest bit and the total number of the encryption scheme identification bit is more than one, decrypting and forwarding the multi-dimensional encrypted data according to a preset encryption scheme, and if the total number of the encryption scheme identification bit is one, guiding to execute an information identification program;
the information recognition program includes the steps of: identifying the multi-dimensional encrypted data based on a preset data identification library, carrying out safety judgment on the multi-dimensional encrypted data, generating and forwarding a request verification judgment result, wherein the request verification result is provided with a receiving identification bit, and the data identification library is a basic character database compiled through the encryption scheme;
and judging the identification bit through the identification code preset by the identification code to receive the request verification judgment result, responding to the request verification judgment result, and acquiring and responding to the equipment control request and the data read-write request corresponding to the request verification data.
7. The method for safely managing the data of the equipment of the internet of things according to claim 6, characterized by further comprising the steps of:
acquiring an object access request, acquiring object identity information in the object access request, and establishing request verification data according to the object identity information, wherein the request verification data is used for performing request authentication on the object identity information, and the object identity information comprises biological characteristic identification information;
the method comprises the steps of obtaining an access request of an Internet of things terminal, obtaining and verifying terminal identity information in the access request of the terminal, obtaining biological characteristic identification information of an operation object if the terminal passes the verification, and establishing request verification data based on the biological characteristic identification information to authenticate the identity of an operator.
8. The method for security management of device data of the internet of things according to claim 7, wherein the step of obtaining and responding to the device control request and the data read-write request corresponding to the request authentication data specifically comprises:
and acquiring the equipment control request and the data reading and writing request, identifying and responding the equipment control request and the data reading and writing request through a preset instruction response library, stopping responding the equipment control request and the data reading and writing request and requesting to acquire biological characteristic identification information of an operation object if the equipment control request and the data reading and writing request exceed the preset instruction response library, and establishing request verification data based on the biological characteristic identification information to authenticate the identity of an operator.
CN202210940575.6A 2022-08-06 2022-08-06 Security management method and system for equipment data of Internet of things Active CN115242545B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210940575.6A CN115242545B (en) 2022-08-06 2022-08-06 Security management method and system for equipment data of Internet of things

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210940575.6A CN115242545B (en) 2022-08-06 2022-08-06 Security management method and system for equipment data of Internet of things

Publications (2)

Publication Number Publication Date
CN115242545A true CN115242545A (en) 2022-10-25
CN115242545B CN115242545B (en) 2023-12-08

Family

ID=83679091

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210940575.6A Active CN115242545B (en) 2022-08-06 2022-08-06 Security management method and system for equipment data of Internet of things

Country Status (1)

Country Link
CN (1) CN115242545B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2015176167A (en) * 2014-03-13 2015-10-05 キーパスコ アーベーKeypasco AB Network authentication method for secure user identification information verification
CN106533861A (en) * 2016-11-18 2017-03-22 郑州信大捷安信息技术股份有限公司 Security control system and authentication method of smart home Internet of Things
CN107911393A (en) * 2017-12-28 2018-04-13 北京明朝万达科技股份有限公司 A kind of data safety management system and method
CN110086755A (en) * 2018-01-26 2019-08-02 巍乾全球技术有限责任公司 Realize method, application server, internet of things equipment and the medium of Internet of Things service
CN110138736A (en) * 2019-04-11 2019-08-16 泉州信息工程学院 Internet of things multiple dynamic random encryption identity authentication method, device and equipment
CN110740128A (en) * 2019-09-27 2020-01-31 武汉虹识技术有限公司 off-line data encryption method and device
WO2020191928A1 (en) * 2019-03-27 2020-10-01 深圳市网心科技有限公司 Digital identity authentication method, device, apparatus and system, and storage medium
US20210297246A1 (en) * 2020-03-18 2021-09-23 Realtek Semiconductor Corp. Internet of things networking authentication system and method thereof

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2015176167A (en) * 2014-03-13 2015-10-05 キーパスコ アーベーKeypasco AB Network authentication method for secure user identification information verification
CN106533861A (en) * 2016-11-18 2017-03-22 郑州信大捷安信息技术股份有限公司 Security control system and authentication method of smart home Internet of Things
CN107911393A (en) * 2017-12-28 2018-04-13 北京明朝万达科技股份有限公司 A kind of data safety management system and method
CN110086755A (en) * 2018-01-26 2019-08-02 巍乾全球技术有限责任公司 Realize method, application server, internet of things equipment and the medium of Internet of Things service
WO2020191928A1 (en) * 2019-03-27 2020-10-01 深圳市网心科技有限公司 Digital identity authentication method, device, apparatus and system, and storage medium
CN110138736A (en) * 2019-04-11 2019-08-16 泉州信息工程学院 Internet of things multiple dynamic random encryption identity authentication method, device and equipment
CN110740128A (en) * 2019-09-27 2020-01-31 武汉虹识技术有限公司 off-line data encryption method and device
US20210297246A1 (en) * 2020-03-18 2021-09-23 Realtek Semiconductor Corp. Internet of things networking authentication system and method thereof

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
夏平;: "智能家居系统安全性方案的设计", 电脑知识与技术, no. 17 *
黄超: "智能家居系统安全方案的技术研究", 《数字通信世界》 *

Also Published As

Publication number Publication date
CN115242545B (en) 2023-12-08

Similar Documents

Publication Publication Date Title
US8898475B2 (en) Method, controller and system for detecting infringements of the authenticity of system components
CN112905965B (en) Financial big data processing system based on block chain
CN106161442A (en) A kind of system control user login method
JPWO2006075355A1 (en) Peripheral device of programmable logic controller
CN104428782B (en) Programmable logic controller (PLC)
CN115514585B (en) Database security management method and system
CN103617005A (en) Access method, device and system for intelligent card
CN111612476A (en) Secondary check anti-counterfeiting method, device, equipment and storage medium
CN114584382B (en) Security management method and system for wireless data transmission
US20100042845A1 (en) Ic tag system
KR102192330B1 (en) Management system and method for data security for storage device using security device
CN115242545A (en) Safety management method and system for Internet of things equipment data
CN112735005A (en) Access control card, authorization and verification method thereof, terminal subsystem and access control system
CN111210229A (en) Product circulation authenticity verification method
EP2770663A1 (en) Encryption Key-Based Product Authentication System and Method
CN114218593A (en) Information security detection method based on office equipment
CN112417424A (en) Authentication method and system for power terminal
CN114582048A (en) NFC-based vehicle door control method, mobile terminal and vehicle
CN112712612A (en) Method, device, computer readable medium and equipment for controlling intelligent door lock
CN112350900A (en) Safety switch control method and module based on Bluetooth and WeChat applet
CN116846684B (en) Video security access management method and system
CN112491800B (en) Real-time authentication method for encrypted USB flash disk
CN114785529B (en) Method and system for establishing trusted communication link based on block chain
CN115103456B (en) PDA intelligent docking method and intelligent docking system
CN117528501B (en) Anti-cracking RFID tag, initializing method and reading method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant